CI/CD pipelines are super important for modern DevSecOps, but they can be a huge weak spot for attackers. Patricia Rodrigues's talk shakes things up by suggesting we stop trying to secure the pipelines themselves directly.
Instead, we're urged to focus on "Protected Resources" to gain killer visibility, enforce security rules, and keep those pipelines from becoming easy entry points for hackers. It's all about a mindset shift to make your automated systems provably secure!
Watch on YouTube
Top comments (0)